Cj · Cj Ultra Plus · CVE-2008-4241
Name of the Vulnerable Software and Affected Versions:
CJ Ultra Plus versions 1.0.4 and earlier
Description:
The issue allows remote attackers to execute arbitrary SQL commands via an SID cookie. This can be achieved by manipulating the `SID` cookie, which is used to store session identifiers.
Recommendations:
For CJ Ultra Plus versions 1.0.4 and earlier, update to a version later than 1.0.4 to resolve the issue.